Hi everyone, I found out a weird thing today. I logged in to a Struts app and got forwarded to the homepage, which contains a sortable displaytag table. The URL for the sortable columns of the table contains the user name and password I entered!
For example, on the login page, I used the login Test/myPassword, and the URL for a sortable column is the following: http://127.0.0.1:7767/test/homepage.do?d-1111-s=3&d-1111-o=2&passwd=myPassword&submit=login&username=Test Any idea why it does that, and how I can fix this security risk? Thanks. Wilson ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ displaytag-user mailing list displaytag-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/displaytag-user
